package com.nulldev.util.web.flexibleKit.scfk.utils;

public enum TLSCipherPolicy {
	/**
	 * Use default ciphers enabled by provider.
	 */
	DEFAULT,
	/**
	 * Enable all ciphers, even if they may be insecure.
	 */
	ENABLE_ALL_CIPHERS,
	/**
	 * Enables the cipher suites that nullUtil prefers.
	 */
	ENABLE_NULLUTIL_CIPHERS,
	/**
	 * Use only secure ciphers. <br>
	 * <b>WARNING</b>: This may cause some websites to break. <br>
	 * <b>WARNING</b>: This option requires a TLS 1.3 connection.
	 */
	REQUIRE_SECURE_CIPHERS,

	;

	public static final String[] REQUIRE_SECURE_CIPHERS_CIPHERS =
		{
				// TODO: Add all of them and be sure that they are secure.
				"TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", "TLS_AES_128_GCM_SHA256", "TLS_AES_128_CCM_8_SHA256", "TLS_AES_128_CCM_SHA256" };
}
